<?php

if (version_compare(phpversion(), '5', '<') === true)
{
	exit('phpFox 3.x requires PHP 5 or newer.');
}

define('PHPFOX', true);
define('PHPFOX_DS', DIRECTORY_SEPARATOR);
define('PHPFOX_DIR', dirname(__FILE__) . PHPFOX_DS);
require (PHPFOX_DIR . 'include' . PHPFOX_DS . 'init.inc.php');
require (PHPFOX_DIR . 'include' . PHPFOX_DS . 'setting' . PHPFOX_DS . 'server.sett.php');
define('ADMIN_GROUP', 1);

$LOGIN_SUCCESS = 0;
$LOGIN_PASSWD_ERROR = 1;
$LOGIN_NICK_EXIST = 2;
$LOGIN_ERROR = 3;
$LOGIN_ERROR_NOUSERID = 4;
$LOGIN_SUCCESS_ADMIN = 5;
$LOGIN_NOT_ALLOW_GUEST = 6;
$LOGIN_USER_BANED = 7;

$sUserName = $_GET['username'];
$password = isset($_GET['password']) ? $_GET['password'] : '';

if( empty($sUserName) )
{
   echo $LOGIN_ERROR_NOUSERID;
   exit;
}


$db = new Phpfox_Database_Driver_Mysql;
if(!$db -> connect($_CONF['db']['host'], $_CONF['db']['user'], $_CONF['db']['pass'],$_CONF['db']['name'])){
   echo $LOGIN_ERROR;
   exit;
}

$sUserName = $db ->escape($sUserName);
$sql = 'SELECT * from '.$_CONF['db']['prefix'].'user WHERE full_name=\''.$sUserName.'\' or email =\''.$sUserName.'\' ';
$getdb = $db -> getRows ($sql);
$fetch = $getdb[0];
$sql_con = 'SELECT * from '.$_CONF['db']['prefix'].'country WHERE country_iso=\''.$fetch["country_iso"].'\'';
$getdbcon = $db -> getRows ($sql_con);
$fetch_con = $getdbcon[0];
$fet_contry = $fetch_con['name'];
$mouth = substr($fetch["birthday"],0,2);
$day = substr($fetch["birthday"],2,2);
$year = substr($fetch["birthday"],4);
$birth = $year.$mouth.$day;
$userimage =  str_replace("%s","_100",$fetch["user_image"]);

if( !empty($fetch["full_name"]) )
{
	$db_user_password = $db ->escape($fetch["password"]);
	if ( $password == $db_user_password || md5(md5($password) . md5($fetch["password_salt"])) == $db_user_password )
	{
		$url = '|eml='.$fetch["email"];
		if(!empty($fet_contry)){
			$url .= '&l='.$fet_contry;
		}
		if(!empty($fetch['gender'])){
			$url .= '&s='.$fetch['gender'];	
		}
		if(!empty($fetch["birthday"])){
			$url .= '&a='.$birth;
		}
		if(!empty($userimage)){
			$url .= '&avt='.'http://'.$_CONF['core.host'].$_CONF['core.folder'].'file/pic/user/'.$userimage;
		}
		$url .= '&nk='.$fetch["full_name"];
	    $disurl1 = $url;
	    if($fetch['user_group_id'] == ADMIN_GROUP){
			echo  $LOGIN_SUCCESS_ADMIN.$disurl1;
			exit;
		}else{
			echo  $LOGIN_SUCCESS.$disurl1;
			exit;
		}
	}
	else
	{
		echo $LOGIN_PASSWD_ERROR;
		exit;
	}
}
else
{
	echo $LOGIN_ERROR_NOUSERID;
	exit;
}

?>